Astounds
d6190a2d0b
security: harden code against command injection and path traversal
Core changes:
* enforce HTTPS URLs and remove shell usage in generate_release.py
* replace os.system calls with subprocess across the codebase
* validate external inputs (playlist names, video IDs)
Improvements and fixes:
* settings.py: fix typo (node.lineno → line_number); use isinstance() over type()
* youtube/get_app_version: improve git detection using subprocess.DEVNULL
* youtube/util.py: add cleanup helpers; use shutil.which for binary resolution
YouTube modules:
* watch.py: detect and flag HLS streams; remove unused audio_track_sources
* comments.py: return early when comments are disabled; add error handling
* local_playlist.py: validate playlist names to prevent path traversal
* subscriptions.py: replace asserts with proper error handling; validate video IDs
Cleanup:
* remove unused imports across modules (playlist, search, channel)
* reorganize package imports in youtube/__init__.py
* simplify test imports and fix cleanup_func in tests
Tests:
* tests/test_shorts.py: simplify imports
* tests/test_util.py: fix cleanup_func definition
2026-04-20 00:39:35 -05:00